Tag: SSL

Microsoft Dynamics GP 2018 RTM has now been released. In a series of posts, I am be stepping through the installation of Microsoft Dynamics GP and additional products ; the series index for this series of posts is here and will automatically update as posts go live.

I am taking a small break (sort of) from that post, to cover the installation/configuration of the prerequisites for the installation of the Microsoft Dynamics GP 2018 RTM web client (the installation of which is part of the Hands On series.

This is the first of the posts on installing and configuring the web client prerequisites; in this post I am going to cover the binding of the self-signed security certificate (created in the last post).

To bind the certificate, launch Internet Information Services (IIS) Manager, expand the server node, the Sites node and click on Default Web Site (I am just using the default website in IIS for the web client) and then click Bindings in the Action pane:

Microsoft Dynamics GP 2018 RTM has now been released. In a series of posts, I am be stepping through the installation of Microsoft Dynamics GP and additional products ; the series index for this series of posts is here and will automatically update as posts go live.

I am taking a small break (sort of) from that post, to cover the installation/configuration of the prerequisites for the installation of the Microsoft Dynamics GP 2018 RTM web client (the installation of which is part of the Hands On series).

This is the first of the posts on installing and configuring the web client prerequisites; in this post I am going to cover the creation of a self-signed security certificate.

The web client is a web based service, which requires a security certificate to be created and bound to the web site. Once IIS has been installed, it is a simple process to create a self-signed security.

To do so, launch Internet Information Services (IIS) Manager and click on the server name in the navigation pane. in the detail pane, double click on Server Certificates:

Microsoft Dynamics GP 2015 R2 was released at the end of May. As I mentioned at the time, I was away from home for work and rather busy otherwise so this series of posts has been somewhat delayed.

However, I am now getting my hands on GP 2015 R2 and thought I would do my usual set of posts on the installation of the various components and also the usage of the new functionality. This is going to be quite a long series of posts, so keep checking back regularly.

The sixth post covers a single machine deployment of the Web Client for Microsoft Dynamics GP. To install the Web Client run the setup.exe from the installation media and, under Additional Products select Web Client:

An error occurred during session monitoring 'System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'sc1.domain.azurecurve.co.uk:48650'. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.AuthenticationException: The remote certificate is invalid according to the validation procedure.

To avoid certificate errors with the Web Client, the security certificate from the web server needs to be installed onto the client machines (i.e. all of the PCs which will be running IE to connect to the website).

Before the certificate is loaded, you’ll see the following error when navigating to the GP web client:

If a wildcard domain certificate has been used then you won’t need to follow the steps in this post. If, like me, you’re using individual machine certificates then you will have problems with trust relationships between servers unless you install the certificate from each machine on all of the others.

To accomplish this, the certificates need to be exported and then imported. As an example, I am going to transfer the certificate from the Session Control Server (SC1) to the first Session Host (SH1).

To do this open Internet Information Services (IIS) Manager, select the machine and double click Server Certificates:

It is possible to add SSL certificates without the use of IIS, but I am not an expert in this area. To this end, I installed IIS the same way as on the Session Control Server and then created the certificate the same way too.

However, you choose to create the certificate for the Session Host machines, make sure you have one for each of the machines or apply the wildcard SSL certificate to each.

If anyone knows a way of applying a certificate to a machine without installing IIS I’d appreciate you leaving a comment below.

Now that the SSL certificate for the Session Central Server has been created, it needs to be bound to the website to which the Session Control Server will be installed.

To bind the certificate, open Internet Information Services (IIS) Manager and, in the Connections pane expand the server and Sites nodes and then right click on the website you intend to use, which in this example is the Default Web Site and select Edit Bindings…:

The Session Control and Session Host machines require an SSL certificate. In a production environment I would recommend using a wildcard SSL domain certificate, but as this is only my test environment I am going to use a self-signed SSL certificate.

Dynamics GP Community

Login

Map of Visits

Disclaimer

This blog is a personal project; all opinions are my own and do not necessarily reflect those of my employer.

This blog and its content is provided "AS IS" with no warranty of any kind, either expressed or implied, made in relation to the accuracy, reliability or content of the information herein. The author shall not be liable for any direct, indirect, incidental or consequential damages arising out of the use of, or inability to use, information or opinions expressed in this site and confers no rights.

The links in this blog may lead to third-party Web sites to provide access to third-party resources to assist you in finding other services and/or technical support resources. Information at these sites may change without notice and azurecurve is not responsible for the content at any third-party Web sites and does not guarantee the accuracy of third-party information.

By continuing to use the site (by scrolling or navigating), you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.